Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e7c1973f by Moritz Muehlenhoff at 2023-12-22T09:30:33+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,17 +19,17 @@ CVE-2023-7051 (A vulnerability was found in PHPGurukul
Online Notes Sharing Syst
CVE-2023-7050 (A vulnerability has been found in PHPGurukul Online Notes
Sharing Syst ...)
NOT-FOR-US: PHPGurukul Online Notes Sharing System
CVE-2023-6847 (An improper authentication vulnerability was identified in
GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-6804 (Improper privilege management allowed arbitrary workflows to be
commit ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-6803 (A race condition in GitHub Enterprise Server allows an outside
collabo ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-6802 (An insertion of sensitive information into the log file in the
audit l ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-6746 (An insertion of sensitive information into log file
vulnerability was ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-6690 (A race condition in GitHub Enterprise Server allowed an
existing admin ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-51713 (make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte
out-of- ...)
- proftpd-dfsg 1.3.8.a+dfsg-1
NOTE: https://github.com/proftpd/proftpd/issues/1683
@@ -46,87 +46,87 @@ CVE-2023-51704 (An issue was discovered in MediaWiki before
1.35.14, 1.36.x thro
NOTE:
https://lists.wikimedia.org/hyperkitty/list/wikitec...@lists.wikimedia.org/thread/TDBUBCCOQJUT4SCHJNPHKQNPBUUETY52/
NOTE: https://phabricator.wikimedia.org/T347726
CVE-2023-51380 (An incorrect authorization vulnerability was identified in
GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-51379 (An incorrect authorization vulnerability was identified in
GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-49690 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49689 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49688 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49687 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49686 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49685 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49684 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49683 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49682 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49681 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49680 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49679 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49678 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49677 (Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL
Injectio ...)
- TODO: check
+ NOT-FOR-US: Job Portal
CVE-2023-49086 (Cacti is a robust performance and fault management framework
and a fro ...)
TODO: check
CVE-2023-49084 (Cacti is a robust performance and fault management framework
and a fro ...)
TODO: check
CVE-2023-48723 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48722 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48720 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48719 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48718 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48717 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48716 (Student Result Management System v1.0 is vulnerable to
multiple Unauth ...)
- TODO: check
+ NOT-FOR-US: Student Result Management System
CVE-2023-48690 (Railway Reservation System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Railway Reservation System
CVE-2023-48689 (Railway Reservation System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Railway Reservation System
CVE-2023-48688 (Railway Reservation System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Railway Reservation System
CVE-2023-48687 (Railway Reservation System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Railway Reservation System
CVE-2023-48686 (Railway Reservation System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Railway Reservation System
CVE-2023-48685 (Railway Reservation System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Railway Reservation System
CVE-2023-48308 (Nextcloud/Cloud is a calendar app for Nextcloud. An attacker
can gain ...)
- TODO: check
+ NOT-FOR-US: Nextcloud calendar app
CVE-2023-48298 (ClickHouse\xae is an open-source column-oriented database
management s ...)
TODO: check
CVE-2023-46649 (A race condition in GitHub Enterprise Server was identified
that could ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-46648 (An insufficient entropy vulnerability was identified in GitHub
Enterpr ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-46647 (Improper privilege management in all versions of GitHub
Enterprise Ser ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-46646 (Improper access control in all versions of GitHub Enterprise
Server al ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-46645 (A path traversal vulnerability was identified in GitHub
Enterprise Ser ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-41097 (An Observable Timing Discrepancy, Covert Timing Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2023-37520 (UnauthenticatedStored Cross-Site Scripting (XSS) vulnerability
identif ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-37519 (Unauthenticated Stored Cross-Site Scripting (XSS)
vulnerability. This ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-42465 [Targeted Corruption of Register and Stack Variables]
- sudo 1.9.15p2-2
NOTE: https://www.openwall.com/lists/oss-security/2023/12/21/9
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7c1973f1756e5e92bcf89a8c55ec515b9df3b10
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7c1973f1756e5e92bcf89a8c55ec515b9df3b10
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
